1 / 13

Cody Deluisio - dtran n-Command AOS Configuration Templates

Adtran n-Command MSP is a true game-changer for deploying and administering Adtran products quickly. While getting n-Command was a journey in itself, I had a difficult ordering process; it was very difficult to get any info from their sales team ( they never really returned any of my voicemails, inquiries, or emails over ~18 months, and by the time I gave up and just ordered the VMware version it was back-ordered for about 7 weeks, I wasnu2019t particularly used to waiting almost 2 months for a license key. While I was hoping something cool came with it when it finally showed up;

codydeluisio
Download Presentation

Cody Deluisio - dtran n-Command AOS Configuration Templates

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Cody Deluisio | dtran n-Command AOS Configuration Templates Adtran n-Command MSP is a true game changer for deploying and administering Adtran products quickly. While getting n-Command was a journey in itself, I had a difficult ordering process; it was very difficult to get any info from their sales team ( they never really returned any of my voicemails, inquiries or emails over ~18 months, and by the time I gave up and just ordered the VMware version it was backordered for about 7 weeks, I wasn’t particularly used to waiting almost 2 months for a license key. While I was hoping something cool came with it when it finally showed up; it was just a sticker on an out of date pamphlet on how to set it up, PS the default password isn’t what the guide states it is. Luckily Adtran makes products that sell and speak for themselves so I do still love n-Command and think it is an awesome tool! You don’t often walk into Demarcs and see equipment that has been in service 20+ years that is still in service that isn’t Adtran. One of the most useful tools I have found is the AOS Configuration Templates. Adtran does have a really good guide on setup; however, I thought they were a bit shy on showing how to put a lot of configuration details in. I’m going to show an example that gives plenty of details and looks more familiar if you are proficient in AOS. This isn’t a perfect config and isn’t any of the ones I use but it will show the syntax and usage and give you a great start to build upon. Also note, I showed both ways to insert a password below. Encrypted and not encrypted, they will be encrypted once on the device due to the service password encryption but in order to enter them in the field the password must be unencrypted unless if you know the password hash beforehand. To my knowledge Adtran passwords can only be hashed on an Adtran device. <?xml version="1.0" encoding="utf-8"?> <aos-config-template> <form id="info"><![CDATA[ Device Info... Please enter service ID :<input id="hostname" type="text" maxlength="17" restrict="."/> WAN 1 SUBNET... Please enter Main IP (ETH 0/1) : <input id="WAN1IP" type="text" />

  2. Please enter Main Subnet Ex (255.255.255.0)(ETH 0/1) : <input id="WAN1SN" type="text" /> Please enter Main GW (ETH 0/1) : <input id="WAN1GW" type="text" /> WAN 2 SUBNET Do not change if 2 WANs do Not exist... Please enter WAN 2 IP (ETH 0/2) : <input id="WAN2IP" type="text" value="DHCP" /> Please enter WAN 2 Ex (255.255.255.0)(ETH 0/2) : <input id="WAN2SN" type="text" allowblank=true /> Please enter WAN 2 GW (ETH 0/2) : <input id="WAN2GW" type="text" allowblank=true /> LAN SUBNET... Please enter LAN IP (GIG ETH 0/1) : <input id="LAN1IP" type="text" value="192.168.1.1" /> Please enter Main Lan Subnet Ex (255.255.255.0)(GIG ETH 0/1) : <input id="LAN1SN" type="text" value="255.255.255.0" /> Device Role... SIP USER:<input id="sipuser" type="text" maxlength="15" allowblank=true /> Please enter SIP password:<input id="sippassword" type="text" maxlength="15" restrict="A-Za- z0-9!$#\-_" allowblank=true /> Please enter Main Number E911:<input id="mainnumber" type="text" maxlength="15" restrict="A-Za-z0-9!$#\-_" allowblank=true /> ]]></form> <config><![CDATA[ hostname ${hostname} ! enable password SECUREENABLE ! username "admin" password "SUPERSECRET"

  3. username "cody" password "MEGASECRET" ! ! clock timezone -5-Eastern-Time ! ip subnet-zero ip classless ip routing ipv6 unicast-routing ! ! domain-proxy name-server 8.8.8.8 1.1.1.1 ! ! no auto-config auto-config authname adtran encrypted password ajsehfkwlehfdkwqehdflkqweq;lqqo ! event-history on logging forwarding on logging forwarding receiver-ip logs.yourdomain.com no logging email !

  4. service password-encryption ! ! banner motd ^ ************************************************************* ***** This is a PRIVATE NETWORK FACILITY ***** ***** You are attempting to access a RESTRICTED DEVICE. ***** ***** Access to this device is restricted to authorized ***** ***** personel only. All login attempts to this device ***** ***** are logged and monitored. Violators will be ***** ***** prosecuted to the fullest extent of the law! ***** ***** ***** *************************************************************^ ! ! ip firewall no ip firewall alg msn no ip firewall alg mszone no ip firewall alg h323 ! ! ! !

  5. ! ! ! ! no dot11ap access-point-control ! ! ! ip route 0.0.0.0 0.0.0.0 ${WAN1GW} 10 ! no tftp server no tftp server overwrite no http server no http secure-server snmp agent no ip ftp server no ip scp server no ip sntp server ! ! ! ! sip

  6. sip udp 5060 no sip tcp ! ! ! voice feature-mode network voice flashhook mode transparent voice forward-mode network ! ! ! ! ! ! ! ! voice dial-plan 2 long-distance 1-NXX-NXX-XXXX voice dial-plan 3 local NXX-NXX-XXXX ! ! ! ! voice codec-list TRUNK

  7. codec g711ulaw codec g729 ! ! voice trunk T01 type sip description "SIP TRUNK TO CLOUD " match dnis "9XX" replace ani ${mainnumber} sip-server primary sbc.yournetwork.com registrar primary ${hostname} registrar threshold percentage 50 registrar max-concurrent-reg 1 outbound-proxy primary sbc.yournetwork.com domain ${hostname} max-number-calls 23 register pri auth-name ${sipuser} password ${sippassword} trust-domain grammar from host domain grammar to host domain authentication username ${sipuser} password ${sippassword} transfer-mode local ! ! voice trunk T02 type isdn

  8. description "ISDN PRI" resource-selection circular descending caller-id-override number-inbound ${mainnumber} if-no-cpn caller-id-override emergency-outbound ${mainnumber} connect isdn-group 1 match dnis "NXX-XXX-XXXX" substitute "1-NXX-XXX-XXXX" match ani "1-NXX-NXX-XXXX" substitute "NXX-NXX-XXXX" modem-passthrough t38 vad rtp delay-mode adaptive codec-list TRUNK ! ! voice grouped-trunk SIP-UPSTREAM trunk T01 accept $ cost 0 ! ! voice grouped-trunk PRI trunk T02 accept $ cost 0 !

  9. ! ! ! auto-link auto-link server primary adtran.yourdomain.com auto-link server secondary adtran2.yourdomain.com ! interface eth 0/1 ip address $WAN1IP $WAN1SN no shutdown ! interface eth 0/2 ip address $WAN2IP $WAN2SN no shutdown ! ! ! interface t1 0/1 shutdown ! interface t1 0/2 shutdown !

  10. interface t1 0/3 shutdown ! interface t1 0/4 description PRI TO PBX tdm-group 1 timeslots 1-24 speed 64 no shutdown ! ! interface pri 1 isdn name-delivery connect t1 0/4 tdm-group 1 digits-transferred 4 no shutdown ! ! interface fxs 0/1 no shutdown ! interface fxs 0/2 no shutdown ! interface fxs 0/3

  11. no shutdown ! interface fxs 0/4 no shutdown ! interface fxs 0/5 no shutdown ! interface fxs 0/6 no shutdown ! interface fxs 0/7 no shutdown ! interface fxs 0/8 no shutdown ! ! interface fxo 0/0 no shutdown ! ! isdn-group 1

  12. connect pri 1 ! ip rtp quality-monitoring ip rtp quality-monitoring sip ! ip rtp quality-monitoring reporter "Reporter1" collector auto-link no shutdown ! line con 0 login password encrypted ajskfjwoekjfwofjfwlejkf ! line telnet 0 4 line-timeout 60 shutdown line ssh 0 4 login local-userlist line-timeout 60 no shutdown ! ! ntp server time.yourdomain.com prefer

  13. ]]></config> </aos-config-template> Now this config is for the Adtran 908 third generation, it is simple to add filters to filter this to device types or particular firmware versions. Data validation can also be added to the forms quite simply. I recommend implementing these features but the Adtran guide covers these quite well. Now lets have a look at what the form looks like from the GUI. In my lab environment I will schedule a config job for a newly discovered device. Notice that not all of the form is displayed at once, you will need to scroll down on the right to answer all of the questions. When done filling out the form you would hit create and go through pushing a config job as you would any other job. On the next check in the device would have this config uploaded.

More Related